3 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 ## Copyright 1998-2017 The OpenLDAP Foundation.
6 ## All rights reserved.
8 ## Redistribution and use in source and binary forms, with or without
9 ## modification, are permitted only as authorized by the OpenLDAP
12 ## A copy of this license is available in the file LICENSE in the
13 ## top-level directory of the distribution or, alternatively, at
14 ## <http://www.OpenLDAP.org/license.html>.
16 echo "running defines.sh"
17 . $SRCDIR/scripts/defines.sh
21 if test $BACKLDAP = ldapno ; then
22 echo "ldap backend not available, test skipped"
26 if test $RWM = rwmno ; then
27 echo "rwm (rewrite/remap) overlay not available, test skipped"
33 mkdir -p $TESTDIR $DBDIR1 $DBDIR2
35 echo "Starting slapd on TCP/IP port $PORT1..."
36 . $CONFFILTER $BACKEND $MONITORDB < $METACONF1 > $CONF1
37 $SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
39 if test $WAIT != 0 ; then
47 echo "Using ldapsearch to check that slapd is running..."
48 for i in 0 1 2 3 4 5; do
49 $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
50 'objectclass=*' > /dev/null 2>&1
52 if test $RC = 0 ; then
55 echo "Waiting 5 seconds for slapd to start..."
58 if test $RC != 0 ; then
59 echo "ldapsearch failed ($RC)!"
60 test $KILLSERVERS != no && kill -HUP $KILLPIDS
64 echo "Using ldapadd to populate the database..."
65 $LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD < \
66 $LDIFORDERED > $TESTOUT 2>&1
68 if test $RC != 0 ; then
69 echo "ldapadd failed ($RC)!"
70 test $KILLSERVERS != no && kill -HUP $KILLPIDS
74 echo "Starting slapd on TCP/IP port $PORT2..."
75 . $CONFFILTER $BACKEND $MONITORDB < $METACONF2 > $CONF2
76 $SLAPD -f $CONF2 -h $URI2 -d $LVL $TIMING > $LOG2 2>&1 &
78 if test $WAIT != 0 ; then
82 KILLPIDS="$KILLPIDS $PID"
86 echo "Using ldapsearch to check that slapd is running..."
87 for i in 0 1 2 3 4 5; do
88 $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT2 \
89 'objectclass=*' > /dev/null 2>&1
91 if test $RC = 0 ; then
94 echo "Waiting 5 seconds for slapd to start..."
97 if test $RC != 0 ; then
98 echo "ldapsearch failed ($RC)!"
99 test $KILLSERVERS != no && kill -HUP $KILLPIDS
103 echo "Using ldapadd to populate the database..."
104 $LDAPADD -D "$METAMANAGERDN" -h $LOCALHOST -p $PORT2 -w $PASSWD < \
105 $LDIFMETA >> $TESTOUT 2>&1
107 if test $RC != 0 ; then
108 echo "ldapadd failed ($RC)!"
109 test $KILLSERVERS != no && kill -HUP $KILLPIDS
113 echo "Starting slapd on TCP/IP port $PORT3..."
114 . $CONFFILTER $BACKEND $MONITORDB < $GLUELDAPCONF > $CONF3
115 $SLAPD -f $CONF3 -h $URI3 -d $LVL $TIMING > $LOG3 2>&1 &
117 if test $WAIT != 0 ; then
121 KILLPIDS="$KILLPIDS $PID"
125 echo "Using ldapsearch to check that slapd is running..."
126 for i in 0 1 2 3 4 5; do
127 $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT3 \
128 'objectclass=*' > /dev/null 2>&1
130 if test $RC = 0 ; then
133 echo "Waiting 5 seconds for slapd to start..."
136 if test $RC != 0 ; then
137 echo "ldapsearch failed ($RC)!"
138 test $KILLSERVERS != no && kill -HUP $KILLPIDS
142 cat /dev/null > $SEARCHOUT
144 BASEDN="o=Example,c=US"
145 echo "Searching base=\"$BASEDN\"..."
146 echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
147 $LDAPSEARCH -S "" -h $LOCALHOST -p $PORT3 -b "$BASEDN" >> $SEARCHOUT 2>&1
149 #if test $RC != 0 ; then
150 # echo "Search failed ($RC)!"
151 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
158 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
159 test $KILLSERVERS != no && kill -HUP $KILLPIDS
163 echo "Search failed ($RC)!"
164 test $KILLSERVERS != no && kill -HUP $KILLPIDS
169 # ITS#4195: spurious matchedDN when the search scopes the main target,
170 # and the searchBase is not present, so that target returns noSuchObject
171 BASEDN="ou=Meta,o=Example,c=US"
172 echo "Searching base=\"$BASEDN\"..."
173 echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
174 $LDAPSEARCH -S "" -h $LOCALHOST -p $PORT3 -b "$BASEDN" >> $SEARCHOUT 2>&1
176 #if test $RC != 0 ; then
177 # echo "Search failed ($RC)!"
178 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
185 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
186 test $KILLSERVERS != no && kill -HUP $KILLPIDS
190 echo "Search failed ($RC)!"
191 test $KILLSERVERS != no && kill -HUP $KILLPIDS
197 # Do some modifications
200 BASEDN="o=Example,c=US"
201 echo "Modifying database \"$BASEDN\"..."
202 $LDAPMODIFY -v -D "cn=Manager,$BASEDN" -h $LOCALHOST -p $PORT3 -w $PASSWD \
203 -M >> $TESTOUT 2>&1 << EOMODS
204 # These operations (updates with objectClass mapping) triggered ITS#3499
205 dn: cn=Added Group,ou=Groups,$BASEDN
207 objectClass: groupOfNames
208 objectClass: uidObject
210 member: cn=Added Group,ou=Groups,$BASEDN
213 dn: cn=Another Added Group,ou=Groups,$BASEDN
215 objectClass: groupOfNames
216 cn: Another Added Group
217 member: cn=Added Group,ou=Groups,$BASEDN
218 member: cn=Another Added Group,ou=Groups,$BASEDN
220 dn: cn=Another Added Group,ou=Groups,$BASEDN
223 objectClass: uidObject
229 dn: cn=Added Group,ou=Groups,$BASEDN
232 objectClass: uidObject
240 description: added to "ou=Meta,$BASEDN"
243 dn: ou=Who's going to handle this?,$BASEDN
245 objectClass: organizationalUnit
246 ou: Who's going to handle this?
248 description: will be deleted
250 dn: ou=Same as above,$BASEDN
252 objectClass: organizationalUnit
254 description: added right after "Who's going to handle this?"
255 description: will be preserved
257 dn: ou=Who's going to handle this?,$BASEDN
260 dn: ou=Who's going to handle this?,ou=Meta,$BASEDN
262 objectClass: organizationalUnit
263 ou: Who's going to handle this?
265 description: will be deleted
267 dn: ou=Same as above,ou=Meta,$BASEDN
269 objectClass: organizationalUnit
271 description: added right after "Who's going to handle this?"
272 description: will be preserved
274 dn: cn=Added User,ou=Same as above,ou=Meta,$BASEDN
276 objectClass: inetOrgPerson
281 dn: ou=Who's going to handle this?,ou=Meta,$BASEDN
286 #if test $RC != 0 ; then
287 # echo "Modify failed ($RC)!"
288 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
295 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
296 test $KILLSERVERS != no && kill -HUP $KILLPIDS
300 echo "Modify failed ($RC)!"
301 test $KILLSERVERS != no && kill -HUP $KILLPIDS
306 echo "Searching base=\"$BASEDN\"..."
307 echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
308 $LDAPSEARCH -S "" -h $LOCALHOST -p $PORT3 -b "$BASEDN" >> $SEARCHOUT 2>&1
310 #if test $RC != 0 ; then
311 # echo "Search failed ($RC)!"
312 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
319 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
320 test $KILLSERVERS != no && kill -HUP $KILLPIDS
324 echo "Search failed ($RC)!"
325 test $KILLSERVERS != no && kill -HUP $KILLPIDS
330 BASEDN="o=Example,c=US"
331 echo " base=\"$BASEDN\"..."
332 echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
333 $LDAPSEARCH -S "" -h $LOCALHOST -p $PORT3 -b "$BASEDN" -M "$FILTER" '*' ref \
336 #if test $RC != 0 ; then
337 # echo "Search failed ($RC)!"
338 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
345 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
346 test $KILLSERVERS != no && kill -HUP $KILLPIDS
350 echo "Search failed ($RC)!"
351 test $KILLSERVERS != no && kill -HUP $KILLPIDS
356 BASEDN="o=Example,c=US"
357 FILTER="(seeAlso=cn=all staff,ou=Groups,$BASEDN)"
358 echo "Searching filter=\"$FILTER\""
359 echo " attrs=\"seeAlso\""
360 echo " base=\"$BASEDN\"..."
361 echo "# searching filter=\"$FILTER\"" >> $SEARCHOUT
362 echo "# attrs=\"seeAlso\"" >> $SEARCHOUT
363 echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
364 $LDAPSEARCH -S "" -h $LOCALHOST -p $PORT3 -b "$BASEDN" "$FILTER" seeAlso \
367 #if test $RC != 0 ; then
368 # echo "Search failed ($RC)!"
369 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
376 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
377 test $KILLSERVERS != no && kill -HUP $KILLPIDS
381 echo "Search failed ($RC)!"
382 test $KILLSERVERS != no && kill -HUP $KILLPIDS
387 FILTER="(uid=example)"
388 echo "Searching filter=\"$FILTER\""
389 echo " attrs=\"uid\""
390 echo " base=\"$BASEDN\"..."
391 echo "# searching filter=\"$FILTER\"" >> $SEARCHOUT
392 echo "# attrs=\"uid\"" >> $SEARCHOUT
393 echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
394 $LDAPSEARCH -S "" -h $LOCALHOST -p $PORT3 -b "$BASEDN" "$FILTER" uid \
397 #if test $RC != 0 ; then
398 # echo "Search failed ($RC)!"
399 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
406 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
407 test $KILLSERVERS != no && kill -HUP $KILLPIDS
411 echo "Search failed ($RC)!"
412 test $KILLSERVERS != no && kill -HUP $KILLPIDS
417 FILTER="(member=cn=Another Added Group,ou=Groups,$BASEDN)"
418 echo "Searching filter=\"$FILTER\""
419 echo " attrs=\"member\""
420 echo " base=\"$BASEDN\"..."
421 echo "# searching filter=\"$FILTER\"" >> $SEARCHOUT
422 echo "# attrs=\"member\"" >> $SEARCHOUT
423 echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
424 $LDAPSEARCH -S "" -h $LOCALHOST -p $PORT3 -b "$BASEDN" "$FILTER" member \
427 #if test $RC != 0 ; then
428 # echo "Search failed ($RC)!"
429 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
436 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
437 test $KILLSERVERS != no && kill -HUP $KILLPIDS
441 echo "Search failed ($RC)!"
442 test $KILLSERVERS != no && kill -HUP $KILLPIDS
447 echo "Waiting 10 seconds for cached connections to timeout..."
450 echo "Searching with a timed out connection..."
451 echo "# searching filter=\"$FILTER\"" >> $SEARCHOUT
452 echo "# attrs=\"member\"" >> $SEARCHOUT
453 echo "# base=\"$BASEDN\"" >> $SEARCHOUT
454 echo "# with a timed out connection..." >> $SEARCHOUT
455 $LDAPSEARCH -S "" -h $LOCALHOST -p $PORT3 -D "cn=Manager,$BASEDN" -w $PASSWD \
456 -b "$BASEDN" "$FILTER" member \
459 #if test $RC != 0 ; then
460 # echo "Search failed ($RC)!"
461 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
468 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
469 test $KILLSERVERS != no && kill -HUP $KILLPIDS
473 echo "Search failed ($RC)!"
474 test $KILLSERVERS != no && kill -HUP $KILLPIDS
479 # NOTE: cannot send to $SEARCHOUT because the returned entries
480 # are not predictable...
481 echo "Checking server-enforced size limit..."
482 echo "# Checking server-enforced size limit..." >> $SEARCHOUT
483 $LDAPSEARCH -S "" -h $LOCALHOST -p $PORT3 \
484 -D "cn=Bjorn Jensen,ou=Information Technology Division,ou=People,$BASEDN" -w bjorn \
485 -b "$BASEDN" "(objectClass=*)" 1.1 \
492 echo "Search should have failed ($RC)!"
493 test $KILLSERVERS != no && kill -HUP $KILLPIDS
497 echo "Search failed ($RC)!"
498 test $KILLSERVERS != no && kill -HUP $KILLPIDS
503 # NOTE: cannot send to $SEARCHOUT because the returned entries
504 # are not predictable...
505 echo "Checking client-requested size limit..."
506 echo "# Checking client-requested size limit..." >> $SEARCHOUT
507 $LDAPSEARCH -S "" -h $LOCALHOST -p $PORT3 \
508 -D "cn=Bjorn Jensen,ou=Information Technology Division,ou=People,$BASEDN" -w bjorn \
509 -b "$BASEDN" -z 2 "(objectClass=*)" 1.1 \
516 echo "Search should have failed ($RC)!"
517 test $KILLSERVERS != no && kill -HUP $KILLPIDS
521 echo "Search failed ($RC)!"
522 test $KILLSERVERS != no && kill -HUP $KILLPIDS
527 echo "Filtering ldapsearch results..."
528 $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
529 echo "Filtering original ldif used to create database..."
530 $LDIFFILTER < $METAOUT > $LDIFFLT
531 echo "Comparing filter output..."
532 $CMP $SEARCHFLT $LDIFFLT > $CMPOUT
534 if test $? != 0 ; then
535 echo "comparison failed - meta search/modification didn't succeed"
536 test $KILLSERVERS != no && kill -HUP $KILLPIDS
540 # ITS#4458 needs patch to slapo-rwm for global rewriting of passwd_exop
541 BASEDN="o=Example,c=US"
542 echo "Changing password to database \"$BASEDN\"..."
543 $LDAPPASSWD -h $LOCALHOST -p $PORT3 -D "cn=Manager,$BASEDN" -w $PASSWD \
544 -s $PASSWD "cn=Ursula Hampster,ou=Alumni Association,ou=People,$BASEDN" \
547 #if test $RC != 0 ; then
548 # echo "Passwd ExOp failed ($RC)!"
549 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
556 # echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
557 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
562 echo "Passwd ExOp failed ($RC)! ITS#4458?"
565 echo "Passwd ExOp failed ($RC)!"
566 test $KILLSERVERS != no && kill -HUP $KILLPIDS
571 if test $RC = 0 ; then
572 echo "Binding with newly changed password to database \"$BASEDN\"..."
573 $LDAPWHOAMI -h $LOCALHOST -p $PORT3 \
574 -D "cn=Ursula Hampster,ou=Alumni Association,ou=People,$BASEDN" \
575 -w $PASSWD >> $TESTOUT 2>&1
577 #if test $RC != 0 ; then
578 # echo "WhoAmI failed ($RC)!"
579 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
586 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
589 echo "WhoAmI failed ($RC)!"
590 test $KILLSERVERS != no && kill -HUP $KILLPIDS
596 echo "Binding as newly added user to database \"$BASEDN\"..."
597 $LDAPWHOAMI -h $LOCALHOST -p $PORT3 \
598 -D "cn=Added User,ou=Same as above,ou=Meta,$BASEDN" \
599 -w $PASSWD >> $TESTOUT 2>&1
601 #if test $RC != 0 ; then
602 # echo "WhoAmI failed ($RC)!"
603 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
610 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
613 echo "WhoAmI failed ($RC)!"
614 test $KILLSERVERS != no && kill -HUP $KILLPIDS
619 echo "Changing password to database \"$BASEDN\"..."
620 $LDAPPASSWD -h $LOCALHOST -p $PORT3 -D "cn=Manager,$BASEDN" -w $PASSWD \
621 -s meta "cn=Added User,ou=Same as above,ou=Meta,$BASEDN" \
624 #if test $RC != 0 ; then
625 # echo "Passwd ExOp failed ($RC)!"
626 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
633 # echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
634 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
639 echo "Passwd ExOp failed ($RC)! ITS#4458?"
642 echo "Passwd ExOp failed ($RC)!"
643 test $KILLSERVERS != no && kill -HUP $KILLPIDS
648 if test $RC = 0 ; then
649 echo "Binding with newly changed password to database \"$BASEDN\"..."
650 $LDAPWHOAMI -h $LOCALHOST -p $PORT3 \
651 -D "cn=Added User,ou=Same as above,ou=Meta,$BASEDN" \
652 -w meta >> $TESTOUT 2>&1
654 #if test $RC != 0 ; then
655 # echo "WhoAmI failed ($RC)!"
656 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
663 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
666 echo "WhoAmI failed ($RC)!"
667 test $KILLSERVERS != no && kill -HUP $KILLPIDS
673 echo "Binding with incorrect password to database \"$BASEDN\"..."
674 $LDAPWHOAMI -h $LOCALHOST -p $PORT3 \
675 -D "cn=Added User,ou=Same as above,ou=Meta,$BASEDN" \
676 -w bogus >> $TESTOUT 2>&1
678 #if test $RC != 0 ; then
679 # echo "WhoAmI failed ($RC)!"
680 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
687 echo "WhoAmI should have failed ($RC)!"
688 test $KILLSERVERS != no && kill -HUP $KILLPIDS
692 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
698 echo "Binding with non-existing user to database \"$BASEDN\"..."
699 $LDAPWHOAMI -h $LOCALHOST -p $PORT3 \
700 -D "cn=Non-existing User,ou=Same as above,ou=Meta,$BASEDN" \
701 -w bogus >> $TESTOUT 2>&1
703 #if test $RC != 0 ; then
704 # echo "WhoAmI failed ($RC)!"
705 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
712 echo "WhoAmI should have failed ($RC)!"
713 test $KILLSERVERS != no && kill -HUP $KILLPIDS
717 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
723 echo "Comparing to database \"$BASEDN\"..."
724 $LDAPCOMPARE -h $LOCALHOST -p $PORT3 \
725 "cn=Another Added Group,ou=Groups,$BASEDN" \
726 "member:cn=Added Group,ou=Groups,$BASEDN" >> $TESTOUT 2>&1
728 #if test $RC != 6 ; then
729 # echo "Compare failed ($RC)!"
730 # test $KILLSERVERS != no && kill -HUP $KILLPIDS
739 echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
742 echo "Compare failed ($RC)!"
743 test $KILLSERVERS != no && kill -HUP $KILLPIDS
748 test $KILLSERVERS != no && kill -HUP $KILLPIDS
750 echo ">>>>> Test succeeded"
752 test $KILLSERVERS != no && wait